WO2021073440A1 - Embedded universal integrated circuit card access control method, device and storage medium - Google Patents

Embedded universal integrated circuit card access control method, device and storage medium

Info

Publication number
WO2021073440A1
Authority
WO
WIPO (PCT)
Prior art keywords
application
euicc
access control
profile
access
Application number
PCT/CN2020/119563
Other languages
English (en)
French (fr)
Inventor
乐祖晖
Original Assignee
中国移动通信有限公司研究院
中国移动通信集团有限公司
Application filed by 中国移动通信有限公司研究院 and 中国移动通信集团有限公司

Classifications

    • G06F 21/52: Monitoring users, programs or devices to maintain the integrity of platforms (e.g. of processors, firmware or operating systems) during program execution, e.g. stack integrity; preventing unwanted data erasure; buffer overflow (under G06F 21/50 and G06F 21/00, Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity)
    • G06F 21/77: Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer, to assure secure computing or processing of information in smart cards (under G06F 21/71, G06F 21/70 and G06F 21/00)
    • H04W 8/18: Processing of user or subscriber data, e.g. subscribed services, user preferences or user profiles; transfer of user or subscriber data (under H04W 8/00, Network data management)
    • H04W 8/183: Processing at user equipment or user record carrier (under H04W 8/18)

Definitions

  • the present disclosure relates to the field of mobile communications, and in particular to an embedded universal integrated circuit card (Embedded UICC, eUICC) access control method, device and storage medium.
  • eUICC: embedded universal integrated circuit card (Embedded UICC)
  • eSIM: embedded SIM (embedded subscriber identity module)
  • GSMA: GSM Association
  • one or more profiles can be saved on the eUICC (i.e., the eSIM card).
  • the user can use the profile
  • the profile acts as a "container", and the Applet on the card can be included in a certain profile.
  • when a Profile is in the "Enabled" state, the Applet(s) contained in it are in the "Active" state and can be accessed and work normally; when a Profile is in the "Disabled" state, the Applet(s) contained in it are in the "Deactivated" state and cannot communicate with external entities.
  • the embodiments of the present disclosure provide an eSIM access control method, device, and storage medium, aiming to solve the technical problem that the access control rules between the eUICC controller and the different profile owners cannot be coordinated.
  • the embodiments of the present disclosure provide an eUICC access control method, including:
  • the eUICC receives the first request sent by the terminal for obtaining the access authority of the card-level application
  • the first access control AC application manages the terminal's access authority to access the card-level application
  • the second AC application manages the access authority of the terminal to access the Profile-level application
  • the eUICC is configured with the first AC application and the second AC application.
  • the embodiment of the present disclosure also provides an eUICC access control method, including:
  • the terminal sends the first request for obtaining the access permission of the card-level application to the eUICC;
  • the terminal accesses the second AC application of the eUICC and authenticates the access authority of the profile-level application of the eUICC.
  • the embodiment of the present disclosure further provides an access control device for an embedded universal integrated circuit card (eUICC), which is applied to the eUICC and includes:
  • the first processing module is configured to receive the first request sent by the terminal for obtaining the access authority of the card-level application
  • the first access control AC application is configured to manage the access rights of the terminal to the card-level application based on the first request;
  • the first processing module is further configured to receive a second request sent by the terminal for obtaining the access authority of the profile-level application of the subscription data file (Profile), the second request being generated after the terminal obtains the access authority of the card-level application;
  • the second AC application is configured to manage the access authority of the terminal to access the Profile-level application based on the second request.
  • the embodiment of the present disclosure also provides an access control device for an embedded universal integrated circuit card (eUICC), which is applied to a terminal and includes:
  • the second processing module is configured to send a first request for obtaining access rights of card-level applications to the eUICC;
  • an authentication module configured to access the first access control AC application of the eUICC and authenticate the access authority of the card-level application of the eUICC;
  • the second processing module is further configured to, after the authentication module determines that the terminal has obtained the access permission of the card-level application of the eUICC, send a second request for obtaining the access permission of the profile-level application of the subscription data file (Profile) to the eUICC;
  • the authentication module is further configured to access the second AC application of the eUICC, and authenticate the access authority of the profile-level application of the eUICC.
  • the embodiment of the present disclosure further provides an embedded universal integrated circuit card (eUICC), including a processor and a memory for storing a computer program that can run on the processor, wherein the processor, when running the computer program, executes the steps of the method described on the eUICC side in the embodiment of the present disclosure.
  • the embodiment of the present disclosure also provides a terminal, including a processor and a memory for storing a computer program that can run on the processor, wherein the processor, when running the computer program, executes the steps of the method described on the terminal side in the embodiment of the present disclosure.
  • an embodiment of the present disclosure also provides a storage medium with a computer program stored thereon; when the computer program is executed by a processor, the steps of the method described in any of the embodiments of the present disclosure are implemented.
  • since the eUICC is configured with a card-level first AC application and a second AC application corresponding to each profile, hierarchical management of the access rights of card-level applications and the access rights of Profile-level applications can be realized.
  • Different AC applications manage corresponding access permissions, which facilitates the management of hierarchical access permissions for card applications on the terminal, thereby improving the security of card application access on the eUICC.
  • FIG. 1 is a schematic flowchart of an eUICC access control method according to an embodiment of the present disclosure.
  • FIG. 2 is a schematic diagram of the architecture of an eUICC according to an embodiment of the present disclosure.
  • FIG. 3 is a schematic flowchart of an eUICC access control method according to another embodiment of the present disclosure.
  • FIG. 4 is a schematic diagram of a flow of acquiring access permissions of a card application by a client application of a terminal according to an application embodiment of the present disclosure.
  • FIG. 5 is a schematic structural diagram of an eUICC access control device according to an embodiment of the present disclosure.
  • FIG. 6 is a schematic structural diagram of an eUICC access control device according to another embodiment of the present disclosure.
  • FIG. 7 is a schematic structural diagram of an eUICC according to an embodiment of the disclosure.
  • FIG. 8 is a schematic structural diagram of a terminal according to an embodiment of the disclosure.
  • card applications may include: card-level applications and profile-level applications, where card-level applications refer to card applications directly installed under the operating system (OS) of eUICC.
  • the operating system can also create more than one Profile container.
  • the profile container is an independent entity on the eUICC, and each profile container is mainly used to store the operator's profile.
  • Profile-level applications refer to card applications installed under each profile container.
  • the access authority of card-level applications and the access authority of profile-level applications can be managed hierarchically.
  • different AC applications manage the corresponding access permissions, which facilitates the management of hierarchical access permissions for card applications on the terminal, thereby improving the security of access to card applications on the eUICC.
  • the embodiment of the present disclosure provides an eUICC access control method, which is applied to eUICC. As shown in FIG. 1, the method includes:
  • Step 101 The eUICC receives the first request sent by the terminal for obtaining the access permission of the card-level application
  • the eUICC receives a first request sent by the terminal, where the first request is used to obtain the first access control rule of the eUICC;
  • the terminal will send a first request to the eUICC.
  • the first request is used to obtain the first access control rule corresponding to the card-level applications of the eUICC, that is, the first access control rule includes the access control rule corresponding to each card-level application.
  • access control rules refer to the authentication information for authenticating the access authority of a card application.
  • the first access control rule is the authentication information for authenticating the access authority of the card-level application.
  • the authentication information may be a private key or a digital certificate.
  • Step 102 Based on the first request, the first access control (AC) application manages the access authority of the terminal to access the card-level application;
  • the first AC application sends a first access control rule to the terminal based on the first request, and the first access control rule is used by the terminal to authenticate the access authority of the card-level application;
  • the first AC application manages the access control rules corresponding to each card-level application in the eUICC. Based on the first request, the first AC application sends a first access control rule to the terminal.
  • the first access control rule includes the access control rule corresponding to each card-level application of the eUICC.
  • Step 103 Receive a second request sent by the terminal for obtaining the access authority of the profile-level application of the subscription data file (Profile), where the second request is generated after the terminal obtains the access authority of the card-level application;
  • the eUICC receives a second request sent by the terminal.
  • the second request is generated after the terminal obtains the access permission of the card-level application.
  • the second request is used to obtain the second access control rule corresponding to the profile in the active state on the eUICC.
  • the terminal receives the first access control rule and authenticates the access authority of the card-level application according to the first access control rule. If the authentication passes, the access authority of the card-level application is obtained, and corresponding processing can be performed based on the card-level application; if it fails, the card-level application cannot be accessed.
  • in the embodiment of the present disclosure, the terminal generates and sends a second request to the eUICC only after it has obtained the access authority of the card-level application, in order to obtain the second access control rule corresponding to the active subscription data file (Profile) on the eUICC. In this way, hierarchical management of access control rules is realized.
  • Step 104 Based on the second request, the second AC application manages the access right of the terminal to the Profile-level application.
  • the second AC application manages the access control rules corresponding to each profile-level application. Based on the second request, the second AC application sends the second access control rule corresponding to the active profile to the terminal.
  • the second access control rule includes the access control rules of the Profile-level applications under the corresponding Profile.
  • the card-level first access control rule and the second access control rule of each profile can be managed hierarchically.
  • different AC applications manage the corresponding access control rules, which facilitates the management of hierarchical access rights to card applications on the terminal, thereby improving the security of card application access on the eUICC.
  • the second AC applications are set in one-to-one correspondence with the Profiles, each managing the second access control rules of the Profile-level applications under its corresponding Profile, and the application identifier of each second AC application includes the identity identifier of the corresponding Profile.
  • the eUICC includes one AC application (i.e., the first AC application) for managing the access control rules of card-level applications, and one AC application (i.e., the second AC application) under each profile (Profile1, Profile2).
  • card-level applications include ISD-R (Issuer Security Domain Root), ECASD (eUICC Controlling Authority Security Domain) and Applet 1; the application identifier (AID) of the first AC application is marked as AC AID, and each profile has a corresponding profile identifier (PID).
  • Each profile has a second AC application.
  • the AID of the second AC application includes the PID of the profile to which it belongs and a specific suffix (such as AC). In this way, the AID of each AC application is globally unique, which effectively prevents the following situation:
  • a profile-level AC application of the eUICC managing the access control rules of a card-level application.
  • sending the second access control rule to the terminal by the second AC application based on the second request includes:
  • each second AC application corresponding to a profile in the active state respectively sends the second access control rule it manages to the terminal.
  • the eUICC maintains list information of the profiles in the active state, and the terminal can obtain this list information so as to carry the PIDs of the active profiles in the second request; because the application identifier of each AC application includes the PID of the corresponding profile, the eUICC can determine the second AC application corresponding to each active profile from the second request, and each such second AC application sends the second access control rule it manages to the terminal.
  • each profile owner updates the access control rules stored in each second AC application via OTA.
  • the method further includes at least one of the following:
  • the first AC application updates the first access control rule based on a first update request, where the first update request is generated after the terminal obtains the access authority of a card-level application;
  • the second AC application updates the second access control rule based on a second update request, where the second update request is generated when the terminal has obtained the access authority of a profile-level application and the profile corresponding to that profile-level application is in the active state.
  • the method also includes:
  • the update flag query request is used to query whether the target access control rule has been updated, where the target access control rule is the access control rule corresponding to the card-level application or profile-level application to be accessed by the client application on the terminal side;
  • if the target access control rule has been updated, second information is fed back to the terminal, where the second information is used to instruct the terminal to reacquire the target access control rule.
  • the method further includes at least one of the following:
  • the corresponding AC application adds the access control rules corresponding to the newly installed card-level application or profile-level application;
  • the corresponding AC application deletes the access control rules corresponding to the corresponding card-level application or the profile-level application.
  • the embodiment of the present disclosure also provides an eUICC access control method, which is applied to a terminal. As shown in FIG. 3, the method includes:
  • Step 301 The terminal sends a first request for obtaining access rights of card-level applications to the eUICC;
  • the first request is used to obtain the first access control rule of the eUICC
  • the terminal will send a first request to the eUICC.
  • the first request is used to obtain the first access control rule corresponding to the card-level applications of the eUICC, that is, the first access control rule includes the access control rule corresponding to each card-level application.
  • access control rules refer to the authentication information for authenticating the access authority of a card application.
  • the first access control rule is the authentication information for authenticating the access authority of the card-level application.
  • the authentication information may be a private key or a digital certificate.
  • Step 302 Access the first access control AC application of the eUICC, and authenticate the access authority of the card-level application of the eUICC;
  • the terminal accesses the first AC application of the eUICC, and receives the first access control rule sent by the first AC application;
  • the first AC application manages the access control rules corresponding to each card-level application, and the first AC application sends the first access control rules to the terminal based on the first request.
  • Step 303 After determining that the access authority of the card-level application of the eUICC has been obtained, send a second request for obtaining the access authority of the profile-level application of the subscription data file (Profile) to the eUICC;
  • after determining, based on the first access control rule, that it has obtained the access authority of the card-level application of the eUICC, the terminal sends a second request for obtaining the access authority of the profile-level application to the eUICC.
  • the second request is used to obtain the second access control rule corresponding to the profile activated on the eUICC;
  • the terminal receives the first access control rule and authenticates the access authority of the card-level application according to the first access control rule. If the authentication passes, the access authority of the card-level application is obtained, and corresponding processing can be performed based on the card-level application; if it fails, the card-level application cannot be accessed.
  • after determining that it has obtained the access authority of the card-level application of the eUICC, the terminal sends a second request to the eUICC.
  • the second request is used to obtain the second access control rule corresponding to the active profile on the eUICC.
  • Step 304 Access the second AC application of the eUICC, and authenticate the access authority of the profile-level application of the eUICC.
  • the terminal accesses the second AC application of the eUICC, and receives the second access control rule sent by the second AC application.
  • the terminal respectively receives the second access control rules sent by each corresponding second AC application.
  • the terminal receives the second access control rule, and can authenticate the access authority of the corresponding Profile-level application according to the received second access control rule. If the authentication is passed, it can access the corresponding Profile-level application.
  • sending the second request for obtaining the access permission of the Profile-level application to the eUICC includes:
  • the second request is sent based on the identity of the profile(s) in the activated state, and carries the identity of the profile(s) in the activated state.
  • the eUICC maintains list information of the profiles in the active state, and the terminal can obtain this list information so as to carry the PIDs of the active profiles in the second request; because the application identifier of each AC application includes the PID of the corresponding profile, the eUICC can determine the second AC application corresponding to each active profile from the second request, and each such second AC application sends the second access control rule it manages to the terminal.
  • the method further includes one of the following:
  • a second update request is sent to the eUICC, where the second update request is used to instruct the eUICC to update the second access control rule.
  • the method also includes:
  • the update flag query request is used to query whether the target access control rule has been updated, where the target access control rule is the access control rule corresponding to the card-level application or profile-level application to be accessed by the client application on the terminal side;
  • the target access control rule is re-acquired, and access to the card-level application or profile-level application to be accessed is performed based on the re-acquired target access control rule.
  • the terminal may perform access authority authentication for the card-level application or profile-level application to be accessed according to the acquired target access control rule.
  • the method further includes at least one of the following:
  • the terminal can periodically obtain the list information of the profiles in the active state on the eUICC side to determine whether any profile has changed from the active state to the inactive state or from the inactive state to the active state; if so, it executes the step of deleting the second access control rule of that profile stored in the terminal, or of obtaining the second access control rule corresponding to that profile.
  • FIG. 4 is a schematic diagram of a flow of acquiring access permissions of a card application by a client application of a terminal in an application embodiment of the disclosure.
  • the terminal is configured with a client application, a SIM API (subscriber identity module application programming interface), and an application manager.
  • SIM API includes a SIM access interface and an access control module, and the application manager is used to manage the corresponding client applications.
  • eUICC is equipped with multiple AC applications and various card applications (Applets).
  • the first AC application is used to manage the access control rules of card-level applets, and each second AC application is used to manage, for its corresponding profile, the access control rules of the profile-level applets under that profile.
  • Step 0 After the mobile terminal is turned on, the access control module reads the rules (including the client application certificate) from the SIM card and stores them;
  • the mobile terminal will first send a first request to the eUICC.
  • the first request is used to obtain the first access control rule corresponding to the card-level application of the eUICC, that is, the first access control rule includes the access control rule corresponding to each card-level application.
  • after determining that it has obtained the access authority of the card-level application of the eUICC, the mobile phone terminal sends a second request to the eUICC, where the second request is used to obtain the second access control rule corresponding to the profile activated on the eUICC.
  • Step 1 The client application on the mobile terminal calls the SIM API to access a certain card application on the SIM card (first select an application on the card through AID, and then send an APDU (application protocol data unit) instruction to the card application);
  • the client application selects the card application based on the AID of the card application, and sends an APDU request to the SIM access interface based on the selected card application.
  • Step 2 The SIM access interface forwards the access request
  • the SIM access interface forwards the APDU request to the access control module.
  • Step 3 The access control module obtains the certificate information of the client application from the application manager;
  • the access control module obtains the certificate information of the client application from the application manager.
  • the certificate information is stored in the application manager when the client application is installed.
  • the certificate information is used, together with the access control rules obtained by the access control module, for access authorization authentication of the client application.
  • in actual application, client applications are set in one-to-one correspondence with card applications.
  • when the terminal installs the client application, it sends the client application certificate issued by the certificate issuer (CI) to the AC application in the eUICC that manages the client application,
  • the terminal also stores a copy of the client application certificate in the application manager, so that the access control module can obtain the copy of the client application certificate from the application manager according to the selected card application.
  • Step 4 The access control module judges whether the rule is updated (if it has been updated, reload the new rule);
  • in order to ensure that the access control rule of the card application corresponding to the APDU request is the latest access control rule, the access control module also sends an update flag query request to the eUICC and determines from the feedback information whether the access control rule of the card application to be accessed has been updated; if it has been updated, the access control rule of the card application to be accessed needs to be re-acquired.
  • Step 5 The access control module judges whether the client application meets the access conditions
  • the access control module authenticates the access authority of the client application according to the obtained access control rule of the card application to be accessed and the application certificate of the client application. If the authentication passes, it is determined that the access conditions are met; if the authentication fails, it is determined that the access conditions are not met. In actual application, the authentication process may be to compare whether the copy of the client application certificate matches the client application certificate (that is, the access control rule).
  • Step 6 If the access of the client application meets the requirements of the rule, OK is fed back; otherwise an error is returned and the process ends;
  • when the access control module determines that the client application meets the requirements of the rule, it generates a response (that is, feeds back OK) to the SIM interface.
  • Step 7 The client application exchanges information with the card application.
  • the SIM interface can realize the information interaction between the client application and the card application.
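The hierarchical rule retrieval of Steps 101 to 104 and the terminal-side flow of FIG. 4 (Steps 0 to 6), as an added Python model that is not code from the patent or from any eUICC product; the class names, the AID and PID strings, the certificate values, the lookup order (card-level rules before profile-level rules) and the clearing of the update flag after a reload are assumptions of this example.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Optional

CARD_AC_AID = "CARD-AC"  # constructed AID of the first (card-level) AC application
AC_SUFFIX = "AC"         # suffix appended to a profile's PID to form its AC application AID


def profile_ac_aid(pid: str) -> str:
    """AID of a profile's second AC application: PID plus suffix, hence unique per profile."""
    return pid + AC_SUFFIX


@dataclass
class ACApplication:
    """An AC application: per card-application AID, the client certificate allowed to reach it."""
    aid: str
    rules: Dict[str, str] = field(default_factory=dict)  # card app AID -> certificate
    updated: bool = False  # update flag the terminal queries before trusting a cached rule

    def set_rule(self, app_aid: str, cert: str) -> None:
        """Add or update a rule (what a profile owner does via OTA) and raise the flag."""
        self.rules[app_aid] = cert
        self.updated = True


class EUICC:
    """eUICC side: one card-level AC application plus one AC application per profile."""

    def __init__(self) -> None:
        self.acs: Dict[str, ACApplication] = {CARD_AC_AID: ACApplication(CARD_AC_AID)}
        self.active: Dict[str, bool] = {}  # PID -> whether the profile is enabled

    def install_profile(self, pid: str, active: bool = False) -> ACApplication:
        ac = ACApplication(profile_ac_aid(pid))
        self.acs[ac.aid] = ac
        self.active[pid] = active
        return ac

    def active_pids(self) -> List[str]:
        """List information of the profiles in the active state (readable by the terminal)."""
        return [pid for pid, on in self.active.items() if on]

    def first_request(self) -> Dict[str, str]:
        """Steps 101/102: the first AC application returns the card-level rules."""
        return dict(self.acs[CARD_AC_AID].rules)

    def second_request(self, pids: List[str]) -> Dict[str, Dict[str, str]]:
        """Steps 103/104: only the second AC applications of active PIDs in the request answer."""
        out: Dict[str, Dict[str, str]] = {}
        for pid in pids:
            if self.active.get(pid):
                ac = self.acs[profile_ac_aid(pid)]
                out[ac.aid] = dict(ac.rules)
        return out

    def update_flag_query(self, ac_aid: str) -> bool:
        """True = 'second information' (rule changed, reacquire); False = 'first information'."""
        ac = self.acs.get(ac_aid)
        return ac is not None and ac.updated

    def reacquire(self, ac_aid: str) -> Dict[str, str]:
        ac = self.acs.get(ac_aid)
        if ac is None:
            return {}
        ac.updated = False  # assumption: the flag is cleared once the terminal re-reads the rules
        return dict(ac.rules)


class Terminal:
    """Terminal side: the SIM API access control module plus the application manager."""

    def __init__(self, euicc: EUICC) -> None:
        self.euicc = euicc
        self.app_manager: Dict[str, str] = {}       # client app -> certificate copy
        self.rules: Dict[str, Dict[str, str]] = {}  # AC app AID -> cached rules

    def install_client_app(self, name: str, cert: str) -> None:
        self.app_manager[name] = cert  # the copy that Step 3 reads

    def load_rules(self) -> None:
        """Step 0: first request, then the second request only for the profiles the eUICC lists as
        active. Simplification: card-level access authority counts as obtained at this point."""
        self.rules = {CARD_AC_AID: self.euicc.first_request()}
        self.rules.update(self.euicc.second_request(self.euicc.active_pids()))

    def _locate(self, app_aid: str) -> Optional[str]:
        for ac_aid, rules in self.rules.items():  # card-level first, then profile-level
            if app_aid in rules:
                return ac_aid
        return None

    def access(self, client_app: str, app_aid: str) -> str:
        """Steps 1 to 6 of FIG. 4: 'OK' if the client may send APDUs to app_aid, else 'ERROR'."""
        cert = self.app_manager.get(client_app)  # Step 3: certificate copy
        ac_aid = self._locate(app_aid)
        if cert is None or ac_aid is None:
            return "ERROR"
        if ac_aid != CARD_AC_AID and ac_aid[: -len(AC_SUFFIX)] not in self.euicc.active_pids():
            self.rules.pop(ac_aid)  # profile disabled since Step 0: drop its cached rules
            return "ERROR"
        if self.euicc.update_flag_query(ac_aid):  # Step 4: reload if the rule was updated
            self.rules[ac_aid] = self.euicc.reacquire(ac_aid)
        rule = self.rules[ac_aid].get(app_aid)    # Step 5: the copy must match the rule
        return "OK" if rule == cert else "ERROR"  # Step 6
```

A disabled profile's AC application never answers the second request, so its rules are simply absent on the terminal, and a rule changed via OTA is refetched before use because the update flag query returns the second information.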
  • the embodiment of the present disclosure also provides an eUICC access control device, which is set in the eUICC. As shown in FIG. 5, the device includes: a first processing module 501, a first AC application 502, and a second AC application 503; among them,
  • the first processing module 501 is configured to receive the first request sent by the terminal for obtaining the access permission of the card-level application
  • the first request is used to obtain the first access control rule of the eUICC, and the first access control rule is used for the terminal to authenticate the access authority of the card-level application.
  • the first AC application 502 is configured to manage, based on the first request, the access authority of the terminal to access the card-level application;
  • the first AC application 502 is configured to send the first access control rule to the terminal based on the first request, so that the terminal can authenticate the access authority of the card-level application according to the first access control rule;
  • the first processing module 501 is further configured to receive a second request sent by the terminal to obtain the access permission of the Profile-level application, where the second request is generated after the terminal obtains the access permission of the card-level application;
  • the second AC application 503 is configured to manage the access authority of the terminal to access the Profile-level application based on the second request.
  • the second request is used to obtain the second access control rule corresponding to the profile in the active state on the eUICC, and the second access control rule is used for the terminal to perform the access authority authentication of the profile-level application.
  • the second AC application sends the second access control rule to the terminal, so that the terminal can authenticate the access authority of the Profile-level application according to the second access control rule.
  • the second AC application and the Profile are set in a one-to-one correspondence, and are used to manage the second access control rules of the Profile-level application corresponding to the corresponding Profile.
  • the application identifier of each second AC application includes the identity of the corresponding Profile.
  • the first processing module 502 is further configured to determine the corresponding second AC application based on the identity of the active Profile carried in the second request, and each second AC application corresponding to an active Profile sends the second access control rule it manages to the terminal.
  • the first processing module 501 is further configured to receive a first update request sent by the terminal, and the first AC application updates the first access control rule based on the first update request, where the first update request is generated after the terminal obtains the access permission of the card-level application.
  • the first processing module 501 is further configured to receive a second update request sent by the terminal, and the second AC application updates the second access control rule based on the second update request, where the second update request is generated when the terminal has obtained the access authority of the Profile-level application and the Profile corresponding to that Profile-level application is in an active state.
  • the first processing module 501 is further configured to receive an update flag query request sent by the terminal.
  • the update flag query request is used to query whether the target access control rule is updated, and the target access control rule is the access control rule corresponding to the card-level application or Profile-level application that the client application on the terminal side is about to access. If the target access control rule is not updated, the AC application corresponding to the target access control rule feeds back first information to the terminal, the first information being used to indicate that the target access control rule has not been updated; if the target access control rule has been updated, the AC application corresponding to the target access control rule feeds back second information to the terminal, the second information being used to instruct the terminal to reacquire the target access control rule.
  • when a new card-level application or Profile-level application is installed, the corresponding AC application adds an access control rule corresponding to the newly installed card-level application or Profile-level application;
  • when a card-level application or Profile-level application is deleted, the corresponding AC application deletes the access control rule corresponding to that card-level application or Profile-level application.
  • the first processing module 501, the first AC application 502, and the second AC application 503 may be implemented by a processor in an eUICC access control device.
  • the processor needs to run a computer program in the memory to realize its functions.
  • the embodiment of the present disclosure also provides an eUICC access control device, which is set in a terminal.
  • the device includes: a second processing module 601 and an authentication module 602; wherein,
  • the second processing module 601 is configured to send a first request for obtaining access rights of card-level applications to the eUICC;
  • the first request is used to obtain the first access control rule of the eUICC.
  • the authentication module 602 is configured to access the first AC application of the eUICC, and authenticate the access authority of the card-level application of the eUICC;
  • the authentication module 602 accesses the first AC application of the eUICC, receives the first access control rule sent by the first AC application, and authenticates the access authority of the card-level application of the eUICC according to the first access control rule.
  • the second processing module 601 is further configured to, after the authentication module determines that the terminal has obtained the access authority of the card-level application of the eUICC, send a second request for obtaining the access authority of the Profile-level application (the Profile being the subscription data file) to the eUICC;
  • the second request is used to obtain the second access control rule corresponding to the profile activated on the eUICC.
  • the authentication module 602 is further configured to access the second AC application of the eUICC, and authenticate the access authority of the profile-level application of the eUICC.
  • the authentication module 602 accesses the second AC application of the eUICC, receives the second access control rule sent by the second AC application, and authenticates the access authority of the Profile-level application of the eUICC according to the second access control rule.
  • the second processing module 601 is configured to:
  • the second request is sent based on the identity of the profile in the activated state, and the second request carries the identity of the profile in the activated state.
  • the second processing module 601 sends a first update request to the eUICC, and the first update request is used to instruct the eUICC to update the first access control rule.
  • the second processing module 601 sends a second update request to the eUICC, and the second update request is used to instruct the eUICC to update the second access control rule.
  • the second processing module 601 is further configured to send an update flag query request to the eUICC, where the update flag query request is used to query whether the target access control rule is updated, and the target access control rule is the access control rule corresponding to the card-level application or Profile-level application that the client application on the terminal side is about to access; receive the feedback information fed back by the eUICC; and, if the feedback information indicates that the target access control rule has been updated, re-acquire the target access control rule.
  • the authentication module 602 performs access authority authentication on the card-level application or profile-level application to be accessed based on the re-acquired target access control rule.
  • the authentication module 602 is further configured to perform at least one of the following: when at least one Profile changes from the active state to the inactive state, delete the second access control rule corresponding to that Profile stored on the terminal; when at least one Profile changes from the inactive state to the active state, obtain the second access control rule corresponding to that Profile.
  • when the eUICC access control device provided in the above embodiment performs eUICC access control, the division into the above program modules is used only as an example for illustration; in practice the above processing can be allocated to different program modules as needed, that is, the internal structure of the device can be divided into different program modules to complete all or part of the processing described above.
  • the eUICC access control apparatus provided in the foregoing embodiment belongs to the same concept as the eUICC access control method embodiment. For the specific implementation process, please refer to the method embodiment, which will not be repeated here.
  • FIG. 7 only shows an exemplary structure of the eUICC but not the entire structure, and part of the structure or all of the structure shown in FIG. 7 can be implemented as required.
  • the eUICC 700 provided by the embodiment of the present disclosure includes: at least one processor 701, a memory 702, and at least one network interface 703.
  • the various components in the eUICC 700 are coupled together through the bus system 704.
  • the bus system 704 is used to implement connection and communication between these components.
  • the bus system 704 also includes a power bus, a control bus, and a status signal bus.
  • various buses are marked as the bus system 704 in FIG. 7.
  • the memory 702 in the embodiment of the present disclosure is used to store various types of data to support the operation of the eUICC 700. Examples of these data include: any computer program used to operate on eUICC 700.
  • the eUICC access control method disclosed in the embodiment of the present disclosure may be applied to the processor 701 or implemented by the processor 701.
  • the processor 701 may be an integrated circuit chip with signal processing capability. In the implementation process, the steps of the eUICC access control method can be completed by hardware integrated logic circuits in the processor 701 or instructions in the form of software.
  • the aforementioned processor 701 may be a general-purpose processor, a digital signal processor (DSP, Digital Signal Processor), or other programmable logic devices, discrete gates or transistor logic devices, discrete hardware components, and the like.
  • the processor 701 may implement or execute various methods, steps, and logical block diagrams disclosed in the embodiments of the present disclosure.
  • the general-purpose processor may be a microprocessor or any conventional processor or the like.
  • the steps of the method disclosed in the embodiments of the present disclosure may be directly embodied as being executed and completed by a hardware decoding processor, or executed and completed by a combination of hardware and software modules in the decoding processor.
  • the software module may be located in a storage medium, and the storage medium is located in the memory 702.
  • the processor 701 reads the information in the memory 702 and completes the steps of the eUICC access control method provided by the embodiment of the present disclosure in combination with its hardware.
  • the eUICC 700 may be implemented by one or more application specific integrated circuits (ASIC, Application Specific Integrated Circuit), DSPs, programmable logic devices (PLD, Programmable Logic Device), complex programmable logic devices (CPLD, Complex Programmable Logic Device), FPGAs, general-purpose processors, controllers, microcontrollers (MCU, Micro Controller Unit), microprocessors, or other electronic components, for executing the foregoing method.
  • FIG. 8 only shows an exemplary structure of the terminal, but not the entire structure, and part or all of the structure shown in FIG. 8 can be implemented as required.
  • a terminal 800 provided by an embodiment of the present disclosure includes: at least one processor 801, a memory 802, and at least one network interface 803.
  • the various components in the terminal 800 are coupled together through the bus system 804.
  • the bus system 804 is used to implement connection and communication between these components.
  • the bus system 804 also includes a power bus, a control bus, and a status signal bus.
  • various buses are marked as the bus system 804 in FIG. 8.
  • the memory 802 in the embodiment of the present disclosure is used to store various types of data to support the operation of the terminal 800. Examples of such data include: any computer program used to operate on the terminal 800.
  • the eUICC access control method disclosed in the embodiment of the present disclosure may be applied to the processor 801 or implemented by the processor 801.
  • the processor 801 may be an integrated circuit chip with signal processing capabilities. In the implementation process, the steps of the eUICC access control method can be completed by hardware integrated logic circuits in the processor 801 or instructions in the form of software.
  • the aforementioned processor 801 may be a general-purpose processor, a digital signal processor (DSP, Digital Signal Processor), or other programmable logic devices, discrete gates or transistor logic devices, discrete hardware components, and the like.
  • the processor 801 may implement or execute various methods, steps, and logical block diagrams disclosed in the embodiments of the present disclosure.
  • the general-purpose processor may be a microprocessor or any conventional processor or the like.
  • the steps of the method disclosed in the embodiments of the present disclosure may be directly embodied as being executed and completed by a hardware decoding processor, or executed and completed by a combination of hardware and software modules in the decoding processor.
  • the software module may be located in a storage medium, and the storage medium is located in the memory 802.
  • the processor 801 reads the information in the memory 802 and completes the steps of the eUICC access control method provided by the embodiment of the present disclosure in combination with its hardware.
  • the terminal 800 may be implemented by one or more ASICs, DSPs, PLDs, CPLDs, FPGAs, general-purpose processors, controllers, MCUs, Microprocessors, or other electronic components for performing the foregoing methods.
  • the memories 702 and 802 may be volatile memories or non-volatile memories, and may also include both volatile and non-volatile memories.
  • the non-volatile memory can be read-only memory (ROM, Read Only Memory), programmable read-only memory (PROM, Programmable Read-Only Memory), erasable programmable read-only memory (EPROM, Erasable Programmable Read-Only Memory), electrically erasable programmable read-only memory (EEPROM, Electrically Erasable Programmable Read-Only Memory), ferromagnetic random access memory (FRAM), flash memory, magnetic surface memory, optical disc, or CD-ROM (Compact Disc Read-Only Memory); magnetic surface memory can be magnetic disk storage or tape storage.
  • the volatile memory may be a random access memory (RAM, Random Access Memory), which is used as an external cache. By way of example and not limitation, many forms of RAM are available, such as static random access memory (SRAM), synchronous static random access memory (SSRAM), dynamic random access memory (DRAM), synchronous dynamic random access memory (SDRAM), double data rate synchronous dynamic random access memory (DDRSDRAM), enhanced synchronous dynamic random access memory (ESDRAM), SyncLink dynamic random access memory (SLDRAM), and direct Rambus random access memory (DRRAM).
  • the memories described in the embodiments of the present disclosure are intended to include, but are not limited to, these and any other suitable types of memories.
  • the embodiment of the present disclosure further provides a storage medium, that is, a computer storage medium, which may specifically be a computer-readable storage medium, for example including the memories 702 and 802 storing computer programs; the above computer programs may be executed by the processors 701 and 801 to complete the steps described in the method of the embodiment of the present disclosure.
  • the computer-readable storage medium may be a memory such as ROM, PROM, EPROM, EEPROM, Flash Memory, magnetic surface memory, optical disk, or CD-ROM.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Databases & Information Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mathematical Physics (AREA)
  • Storage Device Security (AREA)

Abstract

An embedded universal integrated circuit card (eUICC) access control method, device and storage medium. The method includes: the eUICC receives a first request sent by a terminal for obtaining access permission for card-level applications (101); based on the first request, a first access control (AC) application manages the terminal's access permission to card-level applications (102); a second request sent by the terminal for obtaining access permission for subscription-data-file (Profile)-level applications is received, the second request being generated after the terminal obtains the access permission for card-level applications (103); based on the second request, a second AC application manages the terminal's access permission to Profile-level applications (104); wherein the eUICC is configured with the first AC application and the second AC application.

Description

Embedded universal integrated circuit card access control method, device and storage medium
Cross-reference to related applications
This application is based on and claims priority to Chinese patent application No. 201910973351.3 filed on 14 October 2019, the entire contents of which are incorporated herein by reference.
Technical field
The present disclosure relates to the field of mobile communications, and in particular to an embedded universal integrated circuit card (Embedded UICC, eUICC) access control method, device and storage medium.
Background
An eSIM (Embedded SIM) is a new type of SIM card: the traditional SIM card is embedded directly into the device in chip form rather than added to the device as an independent removable component, so the user does not need to insert a physical SIM card. In the eSIM architecture defined by the GSMA (Global System for Mobile Communications Association) specifications, an eUICC (i.e. the eSIM card) can hold one or more Profiles (subscription data files); when a Profile is in the enabled state, the user can use the security domains, card applications (Applets) and files contained in that Profile. A Profile acts as a "container", and an Applet on the card can be contained in a particular Profile. When a Profile is in the "Enabled" state, the Applet(s) it contains are "enabled" and can be accessed and operate normally; when a Profile is in the "Disabled" state, the Applet(s) it contains are "disabled" and cannot communicate with external entities.
In the related art, to ensure that only authorized terminal applications (also called client applications) can access a given card application, the access permission of the terminal application to that card application has to be authenticated, and information exchange between the terminal application and the card application takes place only once access permission has been obtained. However, in business scenarios where multiple Profiles coexist on an eSIM card, the access control rules of the eUICC controller and of the different Profile owners often cannot be coordinated.
Summary
In view of this, embodiments of the present disclosure provide an eSIM access control method, device and storage medium, aiming to solve the technical problem that the access control rules of the eUICC controller and of the different Profile owners cannot be coordinated.
The technical solution of the embodiments of the present disclosure is implemented as follows:
An embodiment of the present disclosure provides an eUICC access control method, including:
the eUICC receives a first request sent by a terminal for obtaining access permission for card-level applications;
based on the first request, a first access control (AC) application manages the terminal's access permission to card-level applications;
a second request sent by the terminal for obtaining access permission for subscription-data-file (Profile)-level applications is received, the second request being generated after the terminal obtains the access permission for card-level applications;
based on the second request, a second AC application manages the terminal's access permission to Profile-level applications;
wherein the eUICC is configured with the first AC application and the second AC application.
An embodiment of the present disclosure also provides an eUICC access control method, including:
a terminal sends a first request for obtaining access permission for card-level applications to an eUICC;
accesses the first access control (AC) application of the eUICC and authenticates the access permission for the card-level applications of the eUICC;
after determining that access permission for the card-level applications of the eUICC has been obtained, sends a second request for obtaining access permission for subscription-data-file (Profile)-level applications to the eUICC;
accesses the second AC application of the eUICC and authenticates the access permission for the Profile-level applications of the eUICC.
An embodiment of the present disclosure further provides an embedded universal integrated circuit card (eUICC) access control device, applied to an eUICC, including:
a first processing module configured to receive a first request sent by a terminal for obtaining access permission for card-level applications;
a first access control (AC) application configured to manage, based on the first request, the terminal's access permission to card-level applications;
the first processing module being further configured to receive a second request sent by the terminal for obtaining access permission for subscription-data-file (Profile)-level applications, the second request being generated after the terminal obtains the access permission for card-level applications;
a second AC application configured to manage, based on the second request, the terminal's access permission to Profile-level applications.
An embodiment of the present disclosure also provides an embedded universal integrated circuit card (eUICC) access control device, applied to a terminal, including:
a second processing module configured to send a first request for obtaining access permission for card-level applications to an eUICC;
an authentication module configured to access the first access control (AC) application of the eUICC and authenticate the access permission for the card-level applications of the eUICC;
the second processing module being further configured to send, after the authentication module determines that the terminal has obtained access permission for the card-level applications of the eUICC, a second request for obtaining access permission for subscription-data-file (Profile)-level applications to the eUICC;
the authentication module being further configured to access the second AC application of the eUICC and authenticate the access permission for the Profile-level applications of the eUICC.
An embodiment of the present disclosure further provides an embedded universal integrated circuit card (eUICC), including a processor and a memory for storing a computer program that can run on the processor, wherein the processor is configured, when running the computer program, to perform the steps of the eUICC-side method described in the embodiments of the present disclosure.
An embodiment of the present disclosure also provides a terminal, including a processor and a memory for storing a computer program that can run on the processor, wherein the processor is configured, when running the computer program, to perform the steps of the terminal-side method described in the embodiments of the present disclosure.
An embodiment of the present disclosure further provides a storage medium storing a computer program which, when executed by a processor, implements the steps of the method described in any embodiment of the present disclosure.
In the technical solution provided by the embodiments of the present disclosure, because the eUICC is configured with a card-level first AC application and a second AC application corresponding to each Profile, hierarchical management of the access permission for card-level applications and the access permission for Profile-level applications can be achieved, with different AC applications managing the corresponding access permissions. This makes it easier for the terminal to manage hierarchical access permissions to card applications, thereby improving the security of card application access on the eUICC.
Brief description of the drawings
FIG. 1 is a schematic flowchart of an eUICC access control method according to an embodiment of the present disclosure;
FIG. 2 is a schematic diagram of the architecture of an eUICC according to an embodiment of the present disclosure;
FIG. 3 is a schematic flowchart of an eUICC access control method according to another embodiment of the present disclosure;
FIG. 4 is a schematic flowchart of a client application of a terminal obtaining access permission to a card application according to an application embodiment of the present disclosure;
FIG. 5 is a schematic structural diagram of an eUICC access control device according to an embodiment of the present disclosure;
FIG. 6 is a schematic structural diagram of an eUICC access control device according to another embodiment of the present disclosure;
FIG. 7 is a schematic structural diagram of an eUICC according to an embodiment of the present disclosure;
FIG. 8 is a schematic structural diagram of a terminal according to an embodiment of the present disclosure.
Detailed description
The present disclosure is described in further detail below with reference to the drawings and embodiments.
Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by those skilled in the technical field to which the present disclosure belongs. The terms used in the specification of the present disclosure are for the purpose of describing specific embodiments only and are not intended to limit the present disclosure.
In the related art, an eUICC has only one AC application, and the access control rules of all card applications on the eUICC are managed by that one AC application. Here, card applications may include card-level applications and Profile-level applications: a card-level application is a card application installed directly under the operating system (OS) of the eUICC; the operating system may also create one or more Profile containers, each of which is an independent entity on the eUICC and is used mainly to store an operator Profile; a Profile-level application is a card application installed inside a Profile container.
As business requirements keep emerging, multiple Profiles will be installed on an eUICC, and in business scenarios where multiple Profiles coexist on the eUICC, the access control rules of the eUICC controller and of the different Profile owners often cannot be coordinated.
On this basis, in the various embodiments of the present disclosure, by configuring the eUICC with a card-level first AC application and a second AC application corresponding to each Profile, hierarchical management of the access permission for card-level applications and the access permission for Profile-level applications can be achieved, with different AC applications managing the corresponding access permissions. This makes it easier for the terminal to manage hierarchical access permissions to card applications, thereby improving the security of card application access on the eUICC.
An embodiment of the present disclosure provides an eUICC access control method applied to an eUICC. As shown in FIG. 1, the method includes:
Step 101: the eUICC receives a first request sent by a terminal for obtaining access permission for card-level applications;
Here, the eUICC receives the first request sent by the terminal, the first request being used to obtain the first access control rule of the eUICC;
In practice, after the terminal is powered on it sends the first request to the eUICC; the first request is used to obtain the first access control rule corresponding to the card-level applications of the eUICC, i.e. the first access control rule includes the access control rule corresponding to each card-level application. Here, an access control rule means authentication information used to authenticate access permission to a card application, and the first access control rule is the authentication information used to authenticate access permission to card-level applications; this authentication information may be a private key or a digital certificate.
Step 102: based on the first request, the first access control (AC) application manages the terminal's access permission to card-level applications;
Here, based on the first request, the first AC application sends the first access control rule to the terminal, the first access control rule being used by the terminal to authenticate access permission to card-level applications;
Here, in the eUICC the first AC application manages the access control rule corresponding to each card-level application; based on the first request, the first AC application sends the first access control rule to the terminal, the first access control rule including the access control rule corresponding to each card-level application of the eUICC.
Step 103: receive a second request sent by the terminal for obtaining access permission for subscription-data-file (Profile)-level applications, the second request being generated after the terminal obtains the access permission for card-level applications;
Here, the eUICC receives the second request sent by the terminal; the second request is generated after the terminal obtains the access permission for card-level applications and is used to obtain the second access control rule corresponding to the subscription data file (Profile) in the enabled state on the eUICC;
In practice, the terminal receives the first access control rule and authenticates the access permission for card-level applications according to it. If authentication passes, the terminal obtains the access permission for the card-level applications and can perform corresponding processing based on them; if it fails, this indicates that access permission for the card-level applications cannot be obtained and the card-level applications cannot be accessed.
In the embodiments of the present disclosure, only after the terminal has obtained the access permission for card-level applications does it generate and send the second request to the eUICC, to obtain the second access control rule corresponding to the enabled subscription data file (Profile) on the eUICC. In this way, hierarchical management of access control rules can be achieved.
Step 104: based on the second request, the second AC application manages the terminal's access permission to Profile-level applications.
Here, in the eUICC the second AC application manages the access control rule corresponding to each Profile-level application; based on the second request, the second AC application sends the second access control rule corresponding to the enabled Profile to the terminal, the second access control rule including the access control rules of the Profile-level applications under the corresponding Profile.
In the eUICC access control method of the embodiments of the present disclosure, because the eUICC is configured with a card-level first AC application and a second AC application corresponding to each Profile, hierarchical management of the card-level first access control rule and the second access control rule of each Profile can be achieved, with different AC applications managing the corresponding access control rules. This makes it easier for the terminal to manage hierarchical access permissions to card applications, thereby improving the security of card application access on the eUICC.
To allow the second access control rules of the Profile-level applications under each Profile to be managed separately, and so avoid conflicts or confused management of second access control rules between different Profiles, in one embodiment the second AC applications are set up in one-to-one correspondence with the Profiles, each being used to manage the second access control rules of the Profile-level applications of the corresponding Profile, and the application identifier of each second AC application includes the identity of the corresponding Profile.
In one embodiment, the architecture of the eUICC is as shown in FIG. 2. The eUICC (i.e. the eSIM) includes one AC application used to manage the access control rules of card-level applications (i.e. the first AC application), and each Profile (Profile1, Profile2) contains one AC application (i.e. a second AC application). Here, the card-level applications include ISD_R (the issuer security domain root), ECASD (the embedded UICC controlling authority security domain) and Applet 1; the application identifier (AID) of the first AC application is denoted AC AID; each Profile has a corresponding identity (PID); and each Profile contains one second AC application whose AID consists of the PID of the Profile it belongs to plus a specific suffix (such as AC). In this way, the AID of every AC application is globally unique, which effectively rules out the following situations:
1) the card-level AC application of the eUICC managing the access control rules of applications in a Profile;
2) a Profile-level AC application of the eUICC managing the access control rules of card-level applications.
In one embodiment, the second AC application sending the second access control rule to the terminal based on the second request includes:
determining the corresponding second AC application(s) based on the identity of the enabled Profile carried in the second request;
each second AC application corresponding to an enabled Profile sending the second access control rule it manages to the terminal.
In practice, the eUICC maintains list information of the Profiles in the enabled state, and the terminal can obtain this list information and thus carry the PIDs of the enabled Profiles in the second request. Since the application identifier of each AC application includes the PID of the corresponding Profile, the eUICC can determine from the second request the second AC application corresponding to each enabled Profile, and the corresponding second AC application sends the second access control rule it manages to the terminal.
In practice, so that the eSIM owner is entitled to update the access control rules stored in the first AC application over the air (OTA), and each Profile owner updates the access control rules stored in its second AC application via OTA, in one embodiment the method further includes at least one of the following:
receiving a first update request sent by the terminal, the first AC application updating the first access control rule based on the first update request, wherein the first update request is generated after the terminal obtains the access permission for card-level applications;
receiving a second update request sent by the terminal, the second AC application updating the second access control rule based on the second update request, wherein the second update request is generated when the terminal has obtained access permission for a Profile-level application and the Profile corresponding to that Profile-level application is in the enabled state.
In practice, when a client application accesses a card-level or Profile-level application, to ensure that the access control rule the terminal holds for that card-level or Profile-level application is the latest one, in one embodiment the method further includes:
receiving an update flag query request sent by the terminal, the update flag query request being used to query whether a target access control rule has been updated, the target access control rule being the access control rule corresponding to the card-level or Profile-level application that the client application on the terminal side is about to access;
if the target access control rule has not been updated, feeding back first information to the terminal, the first information indicating that the target access control rule has not been updated;
if the target access control rule has been updated, feeding back second information to the terminal, the second information instructing the terminal to re-acquire the target access control rule.
To manage the access control rules under each AC application in a timely manner and ensure that every access control rule is valid, the method further includes at least one of the following:
when it is determined that a new card-level or Profile-level application is installed, the corresponding AC application adds the access control rule corresponding to the newly installed card-level or Profile-level application;
when it is determined that a card-level or Profile-level application is deleted, the corresponding AC application deletes the access control rule corresponding to that card-level or Profile-level application.
To implement the method of the embodiments of the present disclosure, an embodiment of the present disclosure also provides an eUICC access control method applied to a terminal. As shown in FIG. 3, the method includes:
Step 301: the terminal sends a first request for obtaining access permission for card-level applications to the eUICC;
Here, the first request is used to obtain the first access control rule of the eUICC;
In practice, after the terminal is powered on it sends the first request to the eUICC; the first request is used to obtain the first access control rule corresponding to the card-level applications of the eUICC, i.e. the first access control rule includes the access control rule corresponding to each card-level application. Here, an access control rule means authentication information used to authenticate access permission to a card application, and the first access control rule is the authentication information used to authenticate access permission to card-level applications; this authentication information may be a private key or a digital certificate.
Step 302: access the first access control (AC) application of the eUICC and authenticate the access permission for the card-level applications of the eUICC;
Here, the terminal accesses the first AC application of the eUICC and receives the first access control rule sent by the first AC application;
Here, in the eUICC the first AC application manages the access control rule corresponding to each card-level application, and based on the first request the first AC application sends the first access control rule to the terminal.
Step 303: after determining that access permission for the card-level applications of the eUICC has been obtained, send a second request for obtaining access permission for subscription-data-file (Profile)-level applications to the eUICC;
Here, after the terminal determines, based on the first access control rule, that it has obtained access permission for the card-level applications of the eUICC, it sends the second request for obtaining access permission for Profile-level applications to the eUICC. Specifically, the second request is used to obtain the second access control rule corresponding to the enabled Profile on the eUICC;
In practice, the terminal receives the first access control rule and authenticates the access permission for card-level applications according to it. If authentication passes, the terminal obtains the access permission for the card-level applications and can perform corresponding processing based on them; if it fails, this indicates that access permission for the card-level applications cannot be obtained and the card-level applications cannot be accessed.
After determining that it has obtained access permission for the card-level applications of the eUICC, the terminal sends the second request to the eUICC; the second request is used to obtain the second access control rule corresponding to the Profile in the enabled state on the eUICC. In this way, hierarchical management of access control rules can be achieved.
Step 304: access the second AC application of the eUICC and authenticate the access permission for the Profile-level applications of the eUICC.
Here, the terminal accesses the second AC application of the eUICC and receives the second access control rule sent by the second AC application.
Here, if two or more Profiles are enabled, the terminal separately receives the second access control rule sent by each corresponding second AC application.
Having received the second access control rule, the terminal can authenticate the access permission for the corresponding Profile-level application according to the received second access control rule, and if authentication passes it can access that Profile-level application.
In one embodiment, sending the second request for obtaining access permission for Profile-level applications to the eUICC includes:
obtaining the identity of the Profile in the enabled state on the eUICC;
sending the second request based on the identity of the enabled Profile, the second request carrying the identity of the enabled Profile.
In practice, the eUICC maintains list information of the Profiles in the enabled state, and the terminal can obtain this list information and thus carry the PIDs of the enabled Profiles in the second request. Since the application identifier of each AC application includes the PID of the corresponding Profile, the eUICC can determine from the second request the second AC application corresponding to each enabled Profile, and the corresponding second AC application sends the second access control rule it manages to the terminal.
In one embodiment, to allow the access control rules on the eUICC to be updated, the method further includes one of the following:
after determining that access permission for the card-level applications of the eUICC has been obtained, sending a first update request to the eUICC, the first update request instructing the eUICC to update the first access control rule;
after determining that access permission for the Profile-level applications of the eUICC has been obtained, sending a second update request to the eUICC, the second update request instructing the eUICC to update the second access control rule.
In practice, when a client application accesses a card-level or Profile-level application, to ensure that the access control rule the terminal holds for that card-level or Profile-level application is the latest one, in one embodiment the method further includes:
sending an update flag query request to the eUICC, the update flag query request being used to query whether a target access control rule has been updated, the target access control rule being the access control rule corresponding to the card-level or Profile-level application that the client application on the terminal side is about to access;
receiving feedback information fed back by the eUICC;
if the feedback information indicates that the target access control rule has been updated, re-acquiring the target access control rule and authenticating the access permission for the card-level or Profile-level application to be accessed based on the re-acquired target access control rule;
if the feedback information indicates that the target access control rule has not been updated, the terminal can authenticate the access permission for the card-level or Profile-level application to be accessed using the target access control rule it has already obtained.
In practice, if the state of a Profile changes, the access control rules held by the terminal need to be changed; in one embodiment the method further includes at least one of the following:
when it is determined that at least one Profile has changed from the enabled state to the disabled state, deleting the second access control rule corresponding to that Profile stored on the terminal;
when it is determined that at least one Profile has changed from the disabled state to the enabled state, obtaining the second access control rule corresponding to that Profile.
In practice, the terminal can periodically obtain the list information of enabled Profiles from the eUICC side and thereby determine whether any Profile has changed from enabled to disabled or from disabled to enabled; if so, it performs the step of deleting the second access control rule corresponding to that Profile stored on the terminal, or of obtaining the second access control rule corresponding to that Profile.
The present disclosure is described in further detail below with reference to an application embodiment.
FIG. 4 is a schematic flowchart of a client application of a terminal obtaining access permission to a card application in an application embodiment of the present disclosure. In this application embodiment, the terminal is configured with a client application, a SIM API (subscriber identity module application interface) and an application manager, where the SIM API includes a SIM access interface and an access control module, and the application manager is used to manage the application certificates corresponding to client applications. The eUICC is configured with multiple AC applications and various card applications (Applets): the first AC application is used to manage the access control rules of card-level Applets, and each second AC application corresponds to a Profile and is used to manage the access control rules of the Profile-level Applets under that Profile.
The flow by which a client application obtains access permission to a card application in this application embodiment is as follows:
Step 0: after the mobile terminal is powered on, the access control module reads the rules (including client application certificates) from the SIM card and stores them;
Here, the mobile terminal first sends a first request to the eUICC, the first request being used to obtain the first access control rule corresponding to the card-level applications of the eUICC, i.e. the first access control rule includes the access control rule corresponding to each card-level application; after determining that it has obtained access permission for the card-level applications of the eUICC, the mobile terminal sends a second request to the eUICC, the second request being used to obtain the second access control rule corresponding to the enabled Profile on the eUICC.
Step 1: the client application on the mobile terminal calls the SIM API to access a card application on the SIM card (it first selects an application on the card by its AID, then sends APDU (application protocol data unit) commands to that card application);
Here, the client application selects the card application based on its AID and sends an APDU request for the selected card application to the SIM access interface.
Step 2: the SIM access interface forwards the access request;
Here, the SIM access interface forwards the APDU request to the access control module.
Step 3: the access control module obtains the certificate information of the client application from the application manager;
Here, the access control module obtains the certificate information of the client application from the application manager; this certificate information was stored in the application manager when the client application was installed, and is used together with the access control rules already obtained by the access control module to authenticate the client application's access permission. In practice, client applications are set up in one-to-one correspondence with card applications; when installing a client application, the terminal sends the client application certificate issued by the certificate issuer (CI) to the AC application in the eUICC that manages that client application, and also stores a copy of the client application certificate in the application manager, so that the access control module can obtain the copy of the client application certificate from the application manager according to the selected card application.
Step 4: the access control module determines whether the rules have been updated (if so, it reloads the new rules);
To ensure that the access control rule the access control module holds for the card application targeted by the APDU request is the latest one, the access control module also sends an update flag query request to the eUICC and determines from the feedback information whether the access control rule of the card application to be accessed has been updated; if it has, the access control rule of that card application must be re-acquired.
Step 5: the access control module determines whether the client application meets the access conditions;
The access control module authenticates the client application's access permission based on the obtained access control rule of the card application to be accessed and the client application's application certificate; if authentication passes, the access conditions are judged to be met, otherwise they are judged not to be met. In practice, the authentication process may consist of comparing the copy of the client application certificate with the client application certificate (i.e. the access control rule) to see whether they match.
Step 6: if the client application's access complies with the rules, OK is returned; otherwise an error is returned and the flow ends;
When the access control module determines that the client application complies with the rules, it generates a response (i.e. returns OK) to the SIM interface.
Step 7: the client application exchanges information with the card application.
After receiving the response, the SIM interface enables the information exchange between the client application and the card application.
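The two-tier exchange of the eUICC-side method (steps 101 to 104) and the client-application flow (steps 0 to 7) above, modelled as an added Python example that is not the patent's own code. The `AC` suffix appended to a PID to form a second AC AID, the use of a certificate digest as the stored rule value, and all applet AIDs, PIDs and certificates are constructed assumptions.

```python
from dataclasses import dataclass, field
import hashlib

AC_AID_SUFFIX = "AC"   # assumed: a Profile's AC AID is its PID plus this suffix


def fingerprint(cert_der: bytes) -> str:
    return hashlib.sha256(cert_der).hexdigest()   # rule value: certificate digest (assumed)


@dataclass
class ACApplication:
    aid: str
    rules: dict = field(default_factory=dict)   # applet AID -> permitted certificate fingerprint
    updated: bool = False                       # update flag, set when a rule changes

    def fetch(self) -> dict:
        self.updated = False                    # the terminal now holds the latest copy
        return dict(self.rules)

    def set_rule(self, applet_aid: str, cert_der: bytes) -> None:
        self.rules[applet_aid] = fingerprint(cert_der)
        self.updated = True


class EUICC:
    def __init__(self, card_rules: dict, profiles: dict, enabled: set):
        # the first AC holds card-level rules; one second AC per Profile, AID = PID + suffix
        self.first_ac = ACApplication("AC_AID", {a: fingerprint(c) for a, c in card_rules.items()})
        self.second_acs = {pid: ACApplication(pid + AC_AID_SUFFIX, {a: fingerprint(c) for a, c in r.items()})
                           for pid, r in profiles.items()}
        self.enabled = set(enabled)             # list information of enabled Profiles

    def first_request(self) -> dict:
        """Steps 101/102: the first AC application returns the card-level rules."""
        return self.first_ac.fetch()

    def second_request(self, pids) -> dict:
        """Steps 103/104: only the AC application of an enabled Profile answers."""
        return {pid: self.second_acs[pid].fetch() for pid in pids if pid in self.enabled}

    def update_flag_query(self, applet_aid: str) -> bool:
        """True = 'second information' (re-acquire); False = 'first information'."""
        acs = [self.first_ac] + [ac for pid, ac in self.second_acs.items() if pid in self.enabled]
        return any(ac.updated for ac in acs if applet_aid in ac.rules)


class Terminal:
    def __init__(self, euicc: EUICC, app_manager: dict):
        self.euicc = euicc
        self.app_manager = app_manager          # client app -> certificate copy kept at install
        self.card_rules, self.profile_rules = {}, {}

    def boot(self) -> None:
        """Step 0: card-level rules first, Profile-level rules only after that."""
        self.card_rules = self.euicc.first_request()
        self.profile_rules = self.euicc.second_request(self.euicc.enabled)

    def sync_profiles(self) -> None:
        """Drop rules of Profiles that became disabled; fetch those of newly enabled ones."""
        now = set(self.euicc.enabled)
        for pid in set(self.profile_rules) - now:
            del self.profile_rules[pid]
        self.profile_rules.update(self.euicc.second_request(now - set(self.profile_rules)))

    def rule_for(self, applet_aid: str):
        for rules in (self.card_rules, *self.profile_rules.values()):
            if applet_aid in rules:
                return rules[applet_aid]
        return None

    def access(self, client_app: str, applet_aid: str) -> bool:
        """Steps 1-6: refresh the Profile list (the patent polls it periodically), check
        the update flag, reload if needed, then compare the certificate copy with the rule."""
        self.sync_profiles()
        if self.euicc.update_flag_query(applet_aid):
            self.boot()
        rule, cert = self.rule_for(applet_aid), self.app_manager.get(client_app)
        return rule is not None and cert is not None and fingerprint(cert) == rule


# Constructed sample data (not from the patent).
CERT_APP1, CERT_APP2 = b"constructed certificate of app1", b"constructed certificate of app2"


def demo() -> dict:
    euicc = EUICC(card_rules={"A000000001": CERT_APP1},
                  profiles={"PID1": {"A000000011": CERT_APP2}, "PID2": {"A000000021": CERT_APP2}},
                  enabled={"PID1"})
    term = Terminal(euicc, {"app1": CERT_APP1, "app2": CERT_APP2})
    term.boot()
    r = {"card ok": term.access("app1", "A000000001"),
         "card wrong app": term.access("app2", "A000000001"),
         "profile1 ok": term.access("app2", "A000000011"),
         "profile2 disabled": term.access("app2", "A000000021")}
    euicc.first_ac.set_rule("A000000001", CERT_APP2)   # OTA rule change sets the update flag
    r["after update app1"] = term.access("app1", "A000000001")
    r["after update app2"] = term.access("app2", "A000000001")
    euicc.enabled.add("PID2")                           # Profile2 becomes enabled
    r["profile2 enabled"] = term.access("app2", "A000000021")
    euicc.enabled.discard("PID1")                       # Profile1 becomes disabled
    r["profile1 disabled"] = term.access("app2", "A000000011")
    return r
```

A disabled Profile's applet is denied even if the terminal cached its rule earlier, because the enabled-Profile list is re-read before every check and the stale rule is dropped.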
To implement the method of the embodiments of the present disclosure, an embodiment of the present disclosure also provides an eUICC access control device arranged in an eUICC. As shown in FIG. 5, the device includes a first processing module 501, a first AC application 502 and a second AC application 503, wherein:
the first processing module 501 is configured to receive a first request sent by a terminal for obtaining access permission for card-level applications;
In practice, the first request is used to obtain the first access control rule of the eUICC, and the first access control rule is used by the terminal to authenticate access permission to card-level applications.
the first AC application 502 is configured to manage, based on the first request, the terminal's access permission to card-level applications;
In practice, the first AC application 502 is configured to send the first access control rule to the terminal based on the first request, so that the terminal can authenticate access permission to card-level applications according to the first access control rule;
the first processing module 501 is further configured to receive a second request sent by the terminal for obtaining access permission for Profile-level applications, the second request being generated after the terminal obtains the access permission for card-level applications;
the second AC application 503 is configured to manage, based on the second request, the terminal's access permission to Profile-level applications.
In practice, the second request is used to obtain the second access control rule corresponding to the Profile in the enabled state on the eUICC, and the second access control rule is used by the terminal to authenticate access permission to Profile-level applications. Based on the second request, the second AC application sends the second access control rule to the terminal, so that the terminal can authenticate access permission to Profile-level applications according to the second access control rule.
In one embodiment, the second AC applications are set up in one-to-one correspondence with the Profiles, each being used to manage the second access control rules of the Profile-level applications of the corresponding Profile, and the application identifier of each second AC application includes the identity of the corresponding Profile. The first processing module 502 is further configured to determine the corresponding second AC application(s) based on the identity of the enabled Profile carried in the second request, and each second AC application corresponding to an enabled Profile sends the second access control rule it manages to the terminal.
In one embodiment, the first processing module 501 is further configured to receive a first update request sent by the terminal, and the first AC application updates the first access control rule based on the first update request, wherein the first update request is generated after the terminal obtains the access permission for card-level applications.
In one embodiment, the first processing module 501 is further configured to receive a second update request sent by the terminal, and the second AC application updates the second access control rule based on the second update request, wherein the second update request is generated when the terminal has obtained access permission for a Profile-level application and the Profile corresponding to that Profile-level application is in the enabled state.
In one embodiment, the first processing module 501 is further configured to receive an update flag query request sent by the terminal, the update flag query request being used to query whether a target access control rule has been updated, the target access control rule being the access control rule corresponding to the card-level or Profile-level application that the client application on the terminal side is about to access; if the target access control rule has not been updated, the AC application corresponding to the target access control rule feeds back first information to the terminal, the first information indicating that the target access control rule has not been updated; if the target access control rule has been updated, the AC application corresponding to the target access control rule feeds back second information to the terminal, the second information instructing the terminal to re-acquire the target access control rule.
In one embodiment, when the first processing module 501 determines that a new card-level or Profile-level application is installed, the corresponding AC application adds the access control rule corresponding to the newly installed card-level or Profile-level application;
In one embodiment, when the first processing module 501 determines that a card-level or Profile-level application is deleted, the corresponding AC application deletes the access control rule corresponding to that card-level or Profile-level application.
In practice, the first processing module 501, the first AC application 502 and the second AC application 503 may be implemented by a processor in the eUICC access control device. Of course, the processor needs to run the computer program in the memory to realize its functions.
To implement the method of the embodiments of the present disclosure, an embodiment of the present disclosure also provides an eUICC access control device arranged in a terminal. As shown in FIG. 6, the device includes a second processing module 601 and an authentication module 602, wherein:
the second processing module 601 is configured to send a first request for obtaining access permission for card-level applications to the eUICC;
In practice, the first request is used to obtain the first access control rule of the eUICC.
the authentication module 602 is configured to access the first AC application of the eUICC and authenticate the access permission for the card-level applications of the eUICC;
In practice, the authentication module 602 accesses the first AC application of the eUICC, receives the first access control rule sent by the first AC application, and authenticates the access permission for the card-level applications of the eUICC according to the first access control rule.
the second processing module 601 is further configured to send, after the authentication module determines that the terminal has obtained access permission for the card-level applications of the eUICC, a second request for obtaining access permission for subscription-data-file (Profile)-level applications to the eUICC;
Here, the second request is used to obtain the second access control rule corresponding to the enabled Profile on the eUICC.
the authentication module 602 is further configured to access the second AC application of the eUICC and authenticate the access permission for the Profile-level applications of the eUICC.
In practice, the authentication module 602 accesses the second AC application of the eUICC, receives the second access control rule sent by the second AC application, and authenticates the access permission for the Profile-level applications of the eUICC according to the second access control rule.
In one embodiment, the second processing module 601 is configured to:
obtain the identity of the Profile in the enabled state on the eUICC;
send the second request based on the identity of the enabled Profile, the second request carrying the identity of the enabled Profile.
In one embodiment, after the authentication module 602 determines that access permission for the card-level applications of the eUICC has been obtained, the second processing module 601 sends a first update request to the eUICC, the first update request instructing the eUICC to update the first access control rule.
In one embodiment, after the authentication module 602 determines that access permission for the Profile-level applications of the eUICC has been obtained, the second processing module 601 sends a second update request to the eUICC, the second update request instructing the eUICC to update the second access control rule.
In one embodiment, the second processing module 601 is further configured to send an update flag query request to the eUICC, the update flag query request being used to query whether a target access control rule has been updated, the target access control rule being the access control rule corresponding to the card-level or Profile-level application that the client application on the terminal side is about to access; to receive feedback information fed back by the eUICC; and, if the feedback information indicates that the target access control rule has been updated, to re-acquire the target access control rule, whereupon the authentication module 602 authenticates the access permission for the card-level or Profile-level application to be accessed based on the re-acquired target access control rule.
In one embodiment, the authentication module 602 is further configured to perform at least one of the following:
when it is determined that at least one Profile has changed from the enabled state to the disabled state, delete the second access control rule corresponding to that Profile stored on the terminal;
when it is determined that at least one Profile has changed from the disabled state to the enabled state, obtain the second access control rule corresponding to that Profile.
It should be noted that when the eUICC access control device provided in the above embodiments performs eUICC access control, the division into the above program modules is used only as an example; in practice the above processing may be allocated to different program modules as needed, i.e. the internal structure of the device may be divided into different program modules to complete all or part of the processing described above. In addition, the eUICC access control device provided in the above embodiments belongs to the same concept as the eUICC access control method embodiments; for its specific implementation process, refer to the method embodiments, which will not be repeated here.
Based on the hardware implementation of the above program modules, and to implement the method of the embodiments of the present disclosure, an embodiment of the present disclosure also provides an eUICC. FIG. 7 shows only an exemplary structure of the eUICC, not its entire structure; part or all of the structure shown in FIG. 7 may be implemented as required.
As shown in FIG. 7, the eUICC 700 provided by the embodiment of the present disclosure includes at least one processor 701, a memory 702 and at least one network interface 703. The components of the eUICC 700 are coupled together through a bus system 704. It will be understood that the bus system 704 is used to implement connection and communication between these components. In addition to a data bus, the bus system 704 includes a power bus, a control bus and a status signal bus. For clarity, however, the various buses are all labelled as the bus system 704 in FIG. 7.
The memory 702 in the embodiment of the present disclosure is used to store various types of data to support the operation of the eUICC 700. Examples of such data include any computer program for operating on the eUICC 700.
The eUICC access control method disclosed in the embodiments of the present disclosure may be applied in the processor 701 or implemented by the processor 701. The processor 701 may be an integrated circuit chip with signal processing capability. In the implementation process, the steps of the eUICC access control method may be completed by integrated logic circuits of hardware in the processor 701 or by instructions in the form of software. The above processor 701 may be a general-purpose processor, a digital signal processor (DSP), another programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, or the like. The processor 701 may implement or execute the methods, steps and logical block diagrams disclosed in the embodiments of the present disclosure. The general-purpose processor may be a microprocessor or any conventional processor. The steps of the method disclosed in the embodiments of the present disclosure may be embodied directly as being executed and completed by a hardware decoding processor, or by a combination of hardware and software modules in a decoding processor. The software module may be located in a storage medium, the storage medium being located in the memory 702; the processor 701 reads the information in the memory 702 and, in combination with its hardware, completes the steps of the eUICC access control method provided by the embodiments of the present disclosure.
In an exemplary embodiment, the eUICC 700 may be implemented by one or more application specific integrated circuits (ASICs), DSPs, programmable logic devices (PLDs), complex programmable logic devices (CPLDs), FPGAs, general-purpose processors, controllers, micro controller units (MCUs), microprocessors, or other electronic components, for executing the foregoing method.
Based on the hardware implementation of the above program modules, and to implement the method of the embodiments of the present disclosure, an embodiment of the present disclosure also provides a terminal. FIG. 8 shows only an exemplary structure of the terminal, not its entire structure; part or all of the structure shown in FIG. 8 may be implemented as required.
As shown in FIG. 8, the terminal 800 provided by the embodiment of the present disclosure includes at least one processor 801, a memory 802 and at least one network interface 803. The components of the terminal 800 are coupled together through a bus system 804. It will be understood that the bus system 804 is used to implement connection and communication between these components. In addition to a data bus, the bus system 804 includes a power bus, a control bus and a status signal bus. For clarity, however, the various buses are all labelled as the bus system 804 in FIG. 8.
The memory 802 in the embodiment of the present disclosure is used to store various types of data to support the operation of the terminal 800. Examples of such data include any computer program for operating on the terminal 800.
The eUICC access control method disclosed in the embodiments of the present disclosure may be applied in the processor 801 or implemented by the processor 801. The processor 801 may be an integrated circuit chip with signal processing capability. In the implementation process, the steps of the eUICC access control method may be completed by integrated logic circuits of hardware in the processor 801 or by instructions in the form of software. The above processor 801 may be a general-purpose processor, a digital signal processor (DSP), another programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, or the like. The processor 801 may implement or execute the methods, steps and logical block diagrams disclosed in the embodiments of the present disclosure. The general-purpose processor may be a microprocessor or any conventional processor. The steps of the method disclosed in the embodiments of the present disclosure may be embodied directly as being executed and completed by a hardware decoding processor, or by a combination of hardware and software modules in a decoding processor. The software module may be located in a storage medium, the storage medium being located in the memory 802; the processor 801 reads the information in the memory 802 and, in combination with its hardware, completes the steps of the eUICC access control method provided by the embodiments of the present disclosure.
In an exemplary embodiment, the terminal 800 may be implemented by one or more ASICs, DSPs, PLDs, CPLDs, FPGAs, general-purpose processors, controllers, MCUs, microprocessors, or other electronic components, for executing the foregoing method.
It will be understood that the memories 702 and 802 may be volatile memory or non-volatile memory, and may also include both volatile and non-volatile memory. The non-volatile memory may be read-only memory (ROM), programmable read-only memory (PROM), erasable programmable read-only memory (EPROM), electrically erasable programmable read-only memory (EEPROM), ferromagnetic random access memory (FRAM), flash memory, magnetic surface memory, optical disc, or compact disc read-only memory (CD-ROM); the magnetic surface memory may be magnetic disk storage or magnetic tape storage. The volatile memory may be random access memory (RAM), which serves as an external cache. By way of example and not limitation, many forms of RAM are available, such as static random access memory (SRAM), synchronous static random access memory (SSRAM), dynamic random access memory (DRAM), synchronous dynamic random access memory (SDRAM), double data rate synchronous dynamic random access memory (DDRSDRAM), enhanced synchronous dynamic random access memory (ESDRAM), SyncLink dynamic random access memory (SLDRAM) and direct Rambus random access memory (DRRAM). The memories described in the embodiments of the present disclosure are intended to include, without being limited to, these and any other suitable types of memory.
In an exemplary embodiment, an embodiment of the present disclosure also provides a storage medium, i.e. a computer storage medium, which may specifically be a computer-readable storage medium, for example including the memories 702 and 802 storing computer programs; the above computer programs can be executed by the processors 701 and 801 to complete the steps of the method described in the embodiments of the present disclosure. The computer-readable storage medium may be a memory such as ROM, PROM, EPROM, EEPROM, flash memory, magnetic surface memory, optical disc or CD-ROM.
It should be noted that "first", "second" and the like are used to distinguish similar objects and are not necessarily used to describe a particular order or sequence.
In addition, the technical solutions described in the embodiments of the present disclosure may be combined arbitrarily provided they do not conflict.
The above are merely specific embodiments of the present disclosure, but the scope of protection of the present disclosure is not limited thereto. Any changes or substitutions that a person skilled in the art can readily conceive within the technical scope disclosed herein shall fall within the scope of protection of the present disclosure. Therefore, the scope of protection of the present disclosure shall be that of the claims.

Claims (17)

  1. An embedded universal integrated circuit card (eUICC) access control method, comprising:
    the eUICC receiving a first request sent by a terminal for obtaining access permission to card-level applications;
    based on the first request, a first access control (AC) application managing the terminal's access permission to card-level applications;
    receiving a second request sent by the terminal for obtaining access permission to subscription data file (Profile)-level applications, the second request being generated after the terminal has obtained access permission to card-level applications;
    based on the second request, a second AC application managing the terminal's access permission to Profile-level applications;
    wherein the eUICC is configured with the first AC application and the second AC application.
  2. The method according to claim 1, wherein the first request is for obtaining a first access control rule of the eUICC, and the first AC application managing the terminal's access permission to card-level applications comprises:
    the first AC application sending the first access control rule to the terminal, wherein the first access control rule is used by the terminal to authenticate access permission to card-level applications;
    the second request is for obtaining a second access control rule corresponding to a subscription data file (Profile) in the activated state on the eUICC, and the second AC application managing the terminal's access permission to Profile-level applications comprises:
    the second AC application sending the second access control rule to the terminal, wherein the second access control rule is used by the terminal to authenticate access permission to Profile-level applications.
  3. The method according to claim 2, wherein the second AC application sending the second access control rule to the terminal comprises:
    determining the corresponding second AC application based on the identity of the activated Profile carried in the second request;
    each second AC application corresponding to an activated Profile respectively sending the second access control rule it manages to the terminal;
    wherein the second AC applications are set in one-to-one correspondence with the Profiles, each managing the second access control rule of the Profile-level applications of the corresponding Profile, and the application identifier of each second AC application includes the identity of the corresponding Profile.
  4. The method according to claim 2, wherein the method further comprises at least one of:
    receiving a first update request sent by the terminal, the first AC application updating the first access control rule based on the first update request, wherein the first update request is generated after the terminal has obtained access permission to card-level applications;
    receiving a second update request sent by the terminal, the second AC application updating the second access control rule based on the second update request, wherein the second update request is generated after the terminal has obtained access permission to a Profile-level application and while the Profile corresponding to that Profile-level application is in the activated state.
  5. The method according to claim 2, wherein the method further comprises:
    receiving an update flag query request sent by the terminal, the update flag query request being for querying whether a target access control rule has been updated, the target access control rule being the access control rule corresponding to the card-level application or Profile-level application that a client application on the terminal side intends to access;
    if the target access control rule has not been updated, feeding back first information to the terminal, the first information indicating that the target access control rule has not been updated;
    if the target access control rule has been updated, feeding back second information to the terminal, the second information instructing the terminal to re-obtain the target access control rule.
  6. The method according to claim 2, wherein the method further comprises at least one of:
    upon determining that a new card-level application or Profile-level application is installed, the corresponding AC application adding the access control rule corresponding to the newly installed card-level application or Profile-level application;
    upon determining that a card-level application or Profile-level application is deleted, the corresponding AC application deleting the access control rule corresponding to that card-level application or Profile-level application.
  7. An embedded universal integrated circuit card (eUICC) access control method, comprising:
    a terminal sending a first request for obtaining access permission to card-level applications to an eUICC;
    accessing a first access control (AC) application of the eUICC to authenticate access permission to the card-level applications of the eUICC;
    after determining that access permission to the card-level applications of the eUICC has been obtained, sending a second request for obtaining access permission to subscription data file (Profile)-level applications to the eUICC;
    accessing a second AC application of the eUICC to authenticate access permission to the Profile-level applications of the eUICC.
  8. The method according to claim 7, wherein accessing the first AC application of the eUICC to authenticate access permission to the card-level applications of the eUICC comprises:
    receiving a first access control rule sent by the first AC application;
    authenticating access permission to the card-level applications of the eUICC based on the first access control rule;
    and accessing the second AC application of the eUICC to authenticate access permission to the Profile-level applications of the eUICC comprises:
    receiving a second access control rule sent by the second AC application;
    authenticating access permission to the Profile-level applications of the eUICC based on the second access control rule.
  9. The method according to claim 7, wherein sending the second request for obtaining access permission to Profile-level applications to the eUICC comprises:
    obtaining the identity of the Profile in the activated state on the eUICC;
    sending the second request based on the identity of the activated Profile, the second request carrying the identity of the activated Profile.
  10. The method according to claim 8, wherein the method further comprises one of:
    after determining that access permission to the card-level applications of the eUICC has been obtained, sending a first update request to the eUICC, the first update request instructing the eUICC to update the first access control rule;
    after determining that access permission to the Profile-level applications of the eUICC has been obtained, sending a second update request to the eUICC, the second update request instructing the eUICC to update the second access control rule.
  11. The method according to claim 8, wherein the method further comprises:
    sending an update flag query request to the eUICC, the update flag query request being for querying whether a target access control rule has been updated, the target access control rule being the access control rule corresponding to the card-level application or Profile-level application that a client application on the terminal side intends to access;
    receiving feedback information returned by the eUICC;
    if the feedback information indicates that the target access control rule has been updated, re-obtaining the target access control rule, and authenticating access permission to the card-level application or Profile-level application to be accessed based on the re-obtained target access control rule.
  12. The method according to claim 8, wherein the method further comprises at least one of:
    upon determining that at least one Profile has changed from the activated state to the deactivated state, deleting the second access control rule corresponding to that Profile stored on the terminal;
    upon determining that at least one Profile has changed from the deactivated state to the activated state, obtaining the second access control rule corresponding to that Profile.
  13. An embedded universal integrated circuit card (eUICC) access control apparatus, applied to an eUICC, the apparatus comprising:
    a first processing module, configured to receive a first request sent by a terminal for obtaining access permission to card-level applications;
    a first access control (AC) application, configured to manage, based on the first request, the terminal's access permission to card-level applications;
    the first processing module being further configured to receive a second request sent by the terminal for obtaining access permission to subscription data file (Profile)-level applications, the second request being generated after the terminal has obtained access permission to card-level applications;
    a second AC application, configured to manage, based on the second request, the terminal's access permission to Profile-level applications.
  14. An embedded universal integrated circuit card (eUICC) access control apparatus, applied to a terminal, comprising:
    a second processing module, configured to send a first request for obtaining access permission to card-level applications to an eUICC;
    an authentication module, configured to access a first access control (AC) application of the eUICC to authenticate access permission to the card-level applications of the eUICC;
    the second processing module being further configured to, after the authentication module determines that the terminal has obtained access permission to the card-level applications of the eUICC, send a second request for obtaining access permission to subscription data file (Profile)-level applications to the eUICC;
    the authentication module being further configured to access a second AC application of the eUICC to authenticate access permission to the Profile-level applications of the eUICC.
  15. An embedded universal integrated circuit card (eUICC), comprising: a processor and a memory for storing a computer program executable on the processor, wherein
    the processor is configured to, when running the computer program, execute the steps of the method according to any one of claims 1 to 6.
  16. A terminal, comprising: a processor and a memory for storing a computer program executable on the processor, wherein
    the processor is configured to, when running the computer program, execute the steps of the method according to any one of claims 7 to 12.
  17. A storage medium storing a computer program which, when executed by a processor, implements the steps of the method according to any one of claims 1 to 6 or any one of claims 7 to 12.
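The two-tier flow of claims 1 to 12 (card-level rules from a first AC application, per-Profile rules from a second AC application whose identifier embeds the Profile identity, an update-flag query before reuse of cached rules, and cache handling on Profile activation and deactivation), as an added Python simulation. This is not code from the patent or its applicant; the AIDs, Profile identifiers, certificate bytes and the SHA-256-of-certificate matching used to check a client application against a rule are all assumptions, since the claims only speak of "access control rules" without fixing their format.

```python
# Constructed simulation of the two-tier eUICC access control flow of claims 1 to 12.
# AIDs, Profile ids, certificate bytes and the hash-based client check are assumptions;
# the patent itself only speaks of "access control rules" without fixing a format.
import hashlib

CARD = "card"  # pseudo-level served by the first AC application


def cert_digest(cert_der: bytes) -> str:
    """Client identity = SHA-256 of its signing certificate (assumed scheme)."""
    return hashlib.sha256(cert_der).hexdigest()


class AcApp:
    """One AC application: rule table (target AID -> allowed client digests) plus a
    version counter that acts as the 'update flag' queried in claim 5."""
    def __init__(self, rules):
        self.rules = {aid: set(v) for aid, v in rules.items()}
        self.version = 1

    def snapshot(self):
        return {aid: set(v) for aid, v in self.rules.items()}, self.version

    def set_rule(self, aid: str, allowed) -> None:
        """Claims 4 and 6: an installed/updated application gets a rule; bump the flag."""
        self.rules[aid] = set(allowed)
        self.version += 1


class EUICC:
    def __init__(self, card_rules, profile_rules):
        self.first_ac = AcApp(card_rules)
        # claim 3: one second AC application per Profile; its app id embeds the Profile id
        self.second_ac = {f"AC-{pid}": AcApp(r) for pid, r in profile_rules.items()}
        self.active = set()

    def ac_for(self, level: str) -> AcApp:
        if level == CARD:
            return self.first_ac
        if level not in self.active:  # only activated Profiles serve rules (claim 2)
            raise PermissionError(f"Profile {level} is not activated")
        return self.second_ac[f"AC-{level}"]

    def first_request(self):  # claim 2: hand out the first access control rules
        return self.first_ac.snapshot()

    def second_request(self, profile_ids, card_granted: bool):  # claims 1 to 3
        if not card_granted:  # only valid once card-level access has been obtained
            raise PermissionError("card-level access must be obtained first")
        return {pid: self.ac_for(pid).snapshot() for pid in profile_ids}

    def query_update_flag(self, level: str, known_version: int) -> str:  # claim 5
        return "UNCHANGED" if self.ac_for(level).version == known_version else "REFETCH"


class Terminal:
    """Terminal-side enforcer (claims 7 to 12); caches (rules, version) per level."""
    def __init__(self, euicc: EUICC):
        self.e, self.cache, self.card_granted = euicc, {}, False

    def obtain_card_level(self) -> None:
        self.cache[CARD] = self.e.first_request()
        self.card_granted = True

    def obtain_profile_level(self, pid: str) -> None:  # claim 9: request carries Profile id
        self.cache.update(self.e.second_request([pid], self.card_granted))

    def on_profile_state(self, pid: str, active: bool) -> None:  # claim 12
        self.obtain_profile_level(pid) if active else self.cache.pop(pid, None)

    def authorize(self, level: str, aid: str, cert_der: bytes) -> bool:  # claims 8, 11
        if level not in self.cache:
            return False  # no rules held for that level: deny by default
        try:  # claim 11: ask whether the cached rules are stale and refetch if so
            if self.e.query_update_flag(level, self.cache[level][1]) == "REFETCH":
                self.obtain_card_level() if level == CARD else self.obtain_profile_level(level)
        except PermissionError:  # Profile went inactive under us
            self.cache.pop(level, None)
            return False
        return cert_digest(cert_der) in self.cache[level][0].get(aid, set())


def demo() -> dict:
    bank, other = b"constructed-cert-bank-app", b"constructed-cert-other-app"
    card = EUICC({"A000000001": {cert_digest(bank)}},
                 {"P1": {"A000000002": {cert_digest(bank)}}, "P2": {"A000000003": {cert_digest(other)}}})
    card.active.add("P1")
    term, out = Terminal(card), {}
    try:  # a Profile-level request before card-level access must be refused
        term.obtain_profile_level("P1")
        out["early_profile_request_refused"] = False
    except PermissionError:
        out["early_profile_request_refused"] = True
    term.obtain_card_level()
    out["card_bank"] = term.authorize(CARD, "A000000001", bank)
    out["card_other"] = term.authorize(CARD, "A000000001", other)
    term.on_profile_state("P1", True)
    out["p1_bank"] = term.authorize("P1", "A000000002", bank)
    out["p2_inactive"] = term.authorize("P2", "A000000003", other)
    card.second_ac["AC-P1"].set_rule("A000000004", {cert_digest(other)})  # new app installed
    out["p1_new_app"] = term.authorize("P1", "A000000004", other)  # stale cache is refetched
    card.active.discard("P1")
    term.on_profile_state("P1", False)
    out["p1_after_deactivation"] = term.authorize("P1", "A000000002", bank)
    return out
```

The version counter stands in for the update flag of claims 5 and 11: the terminal never trusts cached rules without first asking the card whether they changed, which is what makes the add/delete handling of claim 6 safe against a stale terminal cache. Denying when no rules are cached for a level, and dropping a Profile's rules the moment it is deactivated, are the defaults a terminal-side enforcer should keep.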

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201910973351.3A CN112733133B (zh) 2019-10-14 2019-10-14 Embedded universal integrated circuit card access control method, apparatus and storage medium
CN201910973351.3 2019-10-14

Publications (1)

Publication Number Publication Date
WO2021073440A1 true WO2021073440A1 (zh) 2021-04-22

Family

ID=75537497

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2020/119563 WO2021073440A1 (zh) 2019-10-14 2020-09-30 Embedded universal integrated circuit card access control method, apparatus and storage medium

Country Status (2)

Country Link
CN (1) CN112733133B (zh)
WO (1) WO2021073440A1 (zh)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115942323B (zh) * 2023-01-09 2023-05-23 中国电子科技集团公司第三十研究所 Security-enhanced USIM device and USIM security enhancement method

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20170155507A1 (en) * 2014-07-17 2017-06-01 Samsung Electronics Co., Ltd. Method and device for installing profile of euicc
US20180060199A1 (en) * 2016-08-24 2018-03-01 Apple Inc. LOCAL RECOVERY OF ELECTRONIC SUBSCRIBER IDENTITY MODULE (eSIM) INSTALLATION FLOW
CN107766717A (zh) * 2016-08-17 2018-03-06 中国移动通信有限公司研究院 Access control method, apparatus and system
CN104185179B (zh) * 2013-05-27 2018-06-12 中国移动通信集团公司 Control apparatus and method for a subscriber identity card, and subscriber identity card
CN108229213A (zh) * 2016-12-15 2018-06-29 中国移动通信有限公司研究院 Access control method, system and electronic device
CN109963275A (zh) * 2017-12-22 2019-07-02 中兴通讯股份有限公司 Method for sending subscription data, method for receiving subscription data, and subscription data processing system

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP6503560B2 (ja) * 2014-10-22 2019-04-24 ソニー株式会社 Information processing device, information processing method, and program
FR3072853B1 (fr) * 2017-10-20 2021-11-12 Oberthur Technologies Methods for loading a profile into a secure element, manager and customisable secure element
CN111480350B (zh) * 2017-12-18 2022-02-01 华为技术有限公司 Method and device for data access of an embedded SIM card

Also Published As

Publication number Publication date
CN112733133B (zh) 2024-04-19
CN112733133A (zh) 2021-04-30

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 20877730

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 20877730

Country of ref document: EP

Kind code of ref document: A1

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205N DATED 08/06/2022)

122 Ep: pct application non-entry in european phase

Ref document number: 20877730

Country of ref document: EP

Kind code of ref document: A1